KEV Entry

CVE-2021-38647

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details
Confirmed Exploited

CVE-2021-38647

2021-11-03 00:00 UTC

Timestamps

2021-11-03

2021-11-03

Scope

KEVIntel entry: Open Management Infrastructure Remote Code Execution Vulnerability | Affected: Microsoft / Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub | CVSS: 9.8 (CRITICAL) | Used in malware: yes | Not yet in CISA KEV: False

References
  • {'id': 'CVE-2021-38647', 'url': 'https://www.cve.org/CVERecord?id=CVE-2021-38647'}
  • {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2021-38647'}

32f69748-0d25-4fa5-8ad6-b12f4366c72f

caeb2787-0d58-4236-9039-7c86c3e566f3

2026-06-23 11:13 UTC

2026-06-23 11:13 UTC

Evidence
1
Type Source Signal Confidence Details GCVE Metadata
public_report kevintel confirmed_compromise 0.70
View details 
{
  "added_date": "2021-11-03T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 9.8,
  "cvss_severity": "CRITICAL",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": false,
  "product": "Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub",
  "title": "Open Management Infrastructure Remote Code Execution Vulnerability",
  "used_in_malware": "yes",
  "vendor": "Microsoft"
}
 -
Export Options
JSON Object JSON API View Full Catalog